Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Valued Contributor

Google Hangouts Getting Identified when trying to go out of DNS

We have app control applied to our DNS outbound policy.

The app only allows DNS out on the DNS policy


We have noticed in our logs that we see Google.Plus being identified (and blocked) on our DNS policy. Have you guys seen that? Is this common or is there something wrong on my end? Surely, Google isn't trying to tunnel Google Plus out of DNS


A quick Google search (ironic?) didn't yield any immediate clues about the ports that Google Hangouts uses, and for what purposes, but Fortinet devices use port 53 all the time for FortiGuard queries, among other things.


It may not be tunnelling most/all traffic through DNS, but may very well be using the port for a special purpose, name resolution-related or otherwise.

Regards, Chris McMullan Fortinet Ottawa